IAM Senior Engineer
Inbox Business Technologies · Riyadh, Riyadh, Saudi Arabia
Apply & track with Apply EdgeThe Senior Identity & Access Management (IAM) Engineer is responsible for designing, implementing, and maintaining enterprise IAM solutions that ensure secure and seamless access to systems and data. This role involves leading technical initiatives, automating identity lifecycle processes, integrating applications, and enforcing security policies across the organization. The engineer collaborates with security, infrastructure, and application teams to ensure IAM aligns with business needs and zero‑trust security principleResponsibilities IAM Architecture & EngineeringDesign and implement IAM architectures, including: Identity lifecycle managementAuthentication and authorization modelsAccess governance and role-based access control (RBAC/ABAC)Privileged access management (PAM)Implement Zero-Trust aligned identity controlsDevelop system integrations using APIs, SSO, federation (SAML, OAuth, OIDC), and SCIM provisioning Identity Lifecycle & AutomationAutomate joiner/mover/leaver (JML) workflowsBuild custom connectors, provisioning scripts, and automation pipelines using PowerShell, Windows ScriptOptimize identity data flows between HR systems, directories, and applications Directory & Authentication ServicesManage enterprise identity directories (e.g., Active Directory, Entra ID, LDAP)Implement MFA, passwordless authentication, and adaptive access policiesTroubleshoot authentication issues across protocols: Kerberos, LDAP, SAML, OAuth 2.0, OIDC Access Governance & ComplianceEnsure adherence to access policies and regulatory requirements (ISO 27001, SOX, HIPAA, PCI, etc.)Support access certifications/attestationsDevelop and maintain IAM standards, patterns, and playbooksConduct periodic access reviews and risk analysis Privileged Access Management (PAM)Administer PAM platforms (CyberArk, BeyondTrust, Delinea, etc.)Implement vaulting, credential rotation, session monitoring, and just‑in‑time accessReduce standing privileges and legacy admin accounts Application IntegrationOnboard applications for SSO and provisioning using SAML , OAuth, and SCIMWork with developers and product teams to implement secure, modern identity patterns Incident Response & TroubleshootingInvestigate and resolve IAM‑related security incidentsSupport SOC with identity‑specific detection, alerts, and forensicsPerform root-cause analysis for identity access failuresRequirementsTechnical SkillsStrong expertise in: IAM platform(s): Okta, Azure AD/Entra ID, Ping, ForgeRock, SailPoint, etcDirectory services (Active Directory, LDAP)SSO/Federation (SAML, OIDC, OAuth)SCIM provisioningExperience with privileged access technologiesFamiliarity with Zero Trust principlesUnderstanding of cloud platforms: Azure, AWS, or GCPSoft SkillsStrong problem-solving and analytical mindsetAbility to communicate with both technical and non‑technical stakeholdersExperience leading projects and delivering enterprise‑grade solutions